Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

win7, fff5ee.com, came back after reboot


  • Please log in to reply
9 replies to this topic

#1 jp_over

jp_over

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA
  • Local time:05:42 PM

Posted 08 November 2014 - 07:59 PM

Friends,
 
I'm running Win7 Home Premium (x64), with McAfee Security Center 12.8.  I recently noticed the security settings were changed (IE not allowing downloads, not allowing print, etc.).  So, I downloaded (via Firefox) anti-Malwarebytes and started to get notices that fff55.ee was being blocked (along with some other sites).  I'm current with all Windows and Java updates.
 
I ran an Anti-Malwarebytes scan which came back as fixing the problems, but upon reboot the fff533.com is still being blocked (meaning it's still present).  How can I remove it for good?  Here's the scan log:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Starting,
Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Started,
Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Starting,
Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Started,
Update, 11/8/2014 6:53:36 PM, SYSTEM, JP1-PC, Manual, Rootkit Database, 2014.9.18.1, 2014.11.8.1,
Update, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Manual, Malware Database, 2014.9.19.5, 2014.11.8.6,
Protection, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Protection, Refresh, Starting,
Protection, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Stopping,
Protection, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Stopped,
Protection, 11/8/2014 6:53:50 PM, SYSTEM, JP1-PC, Protection, Refresh, Success,
Protection, 11/8/2014 6:53:50 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Starting,
Protection, 11/8/2014 6:53:51 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Started,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 51994, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 51994, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 51996, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 51996, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:54:07 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 66.45.56.109, 52373, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:54:07 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 66.45.56.109, 52373, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:55:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 57378, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:56:17 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 58087, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:57:45 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60185, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:57:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60275, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:58:17 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60435, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:58:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60865, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:00 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60889, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:03 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60891, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:04 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60908, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:20 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61081, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:00:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 62819, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:01:15 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63082, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:01:17 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63100, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:07 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63763, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:22 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 63873, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:27 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 63897, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:41 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63932, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:03:12 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 64657, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:04:04 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65218, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:04:20 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65224, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:04:32 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65228, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:07:18 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65236, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:07:27 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65237, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:08:20 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65241, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:09:22 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65245, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:09:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65246, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:10:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65248, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:12:50 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65253, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:14:22 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65258, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:15:46 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65262, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Scan, 11/8/2014 7:17:41 PM, SYSTEM, JP1-PC, Manual, Start:11/8/2014 6:54:22 PM, Duration:11 min 7 sec, Threat Scan, Completed, 19 Malware Detections, 0 Non-Malware Detections,
Protection, 11/8/2014 7:18:36 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Starting,
Protection, 11/8/2014 7:18:37 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Started,
Protection, 11/8/2014 7:18:38 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Starting,
Protection, 11/8/2014 7:18:39 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Started,
Detection, 11/8/2014 7:19:37 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49174, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:19:37 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49174, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Update, 11/8/2014 7:33:18 PM, SYSTEM, JP1-PC, Scheduler, Failed, Unable to access update server,
Update, 11/8/2014 7:34:45 PM, SYSTEM, JP1-PC, Manual, Failed, Unable to access update server,
(end)

Edited by Queen-Evie, 09 November 2014 - 01:58 PM.
moved from Windows 7 to the appropriate forum


BC AdBot (Login to Remove)

 


#2 jp_over

jp_over
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA
  • Local time:05:42 PM

Posted 08 November 2014 - 08:13 PM

Here's the .txt file if this is easier to check out.

Attached Files


Edited by jp_over, 09 November 2014 - 03:17 PM.


#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,365 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:42 PM

Posted 09 November 2014 - 02:02 PM

Please post the attached files in your topic.  I will not download anything to my computer unless I know exactly what it contains.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 jp_over

jp_over
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA
  • Local time:05:42 PM

Posted 09 November 2014 - 02:04 PM

Dc3,

 

Thanks!  The log is posted in my first post, but here it is again:

 

Malwarebytes Anti-Malware
- LINK removed

Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Starting,
Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Started,
Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Starting,
Protection, 11/8/2014 6:53:34 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Started,
Update, 11/8/2014 6:53:36 PM, SYSTEM, JP1-PC, Manual, Rootkit Database, 2014.9.18.1, 2014.11.8.1,
Update, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Manual, Malware Database, 2014.9.19.5, 2014.11.8.6,
Protection, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Protection, Refresh, Starting,
Protection, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Stopping,
Protection, 11/8/2014 6:53:44 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Stopped,
Protection, 11/8/2014 6:53:50 PM, SYSTEM, JP1-PC, Protection, Refresh, Success,
Protection, 11/8/2014 6:53:50 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Starting,
Protection, 11/8/2014 6:53:51 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Started,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 51994, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 51994, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 51996, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:53:57 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 51996, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:54:07 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 66.45.56.109, 52373, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:54:07 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 66.45.56.109, 52373, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:55:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 57378, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:56:17 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 58087, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:57:45 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60185, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:57:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60275, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:58:17 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60435, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:58:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60865, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:00 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60889, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:03 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60891, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:04 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 60908, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 6:59:20 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61081, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:00:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 62819, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:01:15 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63082, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:01:17 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63100, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:07 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63763, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:22 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 63873, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:27 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 63897, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:02:41 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, fff5ee.com, 63932, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:03:12 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 64657, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:04:04 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65218, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:04:20 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65224, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:04:32 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65228, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:07:18 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65236, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:07:27 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65237, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:08:20 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65241, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:09:22 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65245, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:09:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65246, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:10:58 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65248, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:12:50 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65253, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:14:22 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65258, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:15:46 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65262, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Scan, 11/8/2014 7:17:41 PM, SYSTEM, JP1-PC, Manual, Start:11/8/2014 6:54:22 PM, Duration:11 min 7 sec, Threat Scan, Completed, 19 Malware Detections, 0 Non-Malware Detections,
Protection, 11/8/2014 7:18:36 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Starting,
Protection, 11/8/2014 7:18:37 PM, SYSTEM, JP1-PC, Protection, Malware Protection, Started,
Protection, 11/8/2014 7:18:38 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Starting,
Protection, 11/8/2014 7:18:39 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, Started,
Detection, 11/8/2014 7:19:37 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49174, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Detection, 11/8/2014 7:19:37 PM, SYSTEM, JP1-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49174, Outbound, C:\Windows\SysWOW64\dllhost.exe,
Update, 11/8/2014 7:33:18 PM, SYSTEM, JP1-PC, Scheduler, Failed, Unable to access update server,
Update, 11/8/2014 7:34:45 PM, SYSTEM, JP1-PC, Manual, Failed, Unable to access update server,

(end)


Edited by jp_over, 09 November 2014 - 03:16 PM.


#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,365 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:42 PM

Posted 09 November 2014 - 03:02 PM

Dc3,

 

Thanks!  The log is posted in my first post, but here it is again:

If you reread my last post, I will not download anything to my computer unless I know exactly what it contains.  You posted a link to download the log which I refuse to use.

 

Are you running a firewall?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 jp_over

jp_over
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA
  • Local time:05:42 PM

Posted 09 November 2014 - 03:11 PM

I apologize but I don't understand.  The posted .txt file contains the same data (history of the Anti Malware Bytes scan log) that I copied and pasted in response to your post.  Do you need me to remove the "malwarebytes.org" link at the beginning of the post?  I'm a bit lost here. I tried to delete the file I uploaded but couldn't find the option to do so.
 
Yes, I'm running McAfee Internet Security but the recent IP activity which is being blocked has been blocked by Malwarebytes Anti Malware. Further, when I try to run programs, I receive the "this program is blocked by group policy" error.

Edited by jp_over, 09 November 2014 - 03:20 PM.


#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,365 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:42 PM

Posted 09 November 2014 - 03:25 PM

I apologize for any confusion.  I was just trying to explain why I didn't use the download to get the log.  As you have probably noticed, I have an aversion to downloading potentially dangerous content.

 

Is your copy of Malwarebyte Antimalware the free version?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 jp_over

jp_over
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA
  • Local time:05:42 PM

Posted 09 November 2014 - 03:28 PM

No apology necessary, I don't blame you for being cautious.

 

To answer your question, it is the free version, however I've been considering the purchase version as McAfee has let us down a couple of times now.


Edited by jp_over, 09 November 2014 - 03:35 PM.


#9 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,365 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:42 PM

Posted 09 November 2014 - 03:40 PM

It's a good program, I may see about purchasing a copy myself.

 

Try uninstalling Malwarebytes and then download it and reinstall it.

 

Do you have Windows Defender disabled?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#10 jp_over

jp_over
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA
  • Local time:05:42 PM

Posted 09 November 2014 - 05:18 PM

Updates:  I was able to find and remove the Powelik virus with the E-set Powelik removal tool.  Further, I'm running an E-set online scan now which has found 1 Trojan.  Sadly, the scan is taking forever since the infected PC is running at 1.5MBPS vs the 30MBPS of my others on the network (tested via speedtest.net).

 

Also, windows defender is not enabled (McAfee has its own firewall and I believe it disables the windows defender one).  However, I've disabled McAfee and MBAB in order to run the E-set online scan.

 

Not sure how an uninstall and install could help as the MBAM was just installed yesterday and is up to date.

 

Of note, wince this problem, I've disconnected the PC from the wireless router (and our home network).  I've also changed my router and network password and then put the PC back on the net as a "guest" account so it can't talk to my other PCs (2).

 

I'm still having the "denied access due to group policy" even though it's an administrator account.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users